Change Log

Change Log (Consultation Dec 2019)

This version is:

Published 5 years ago 20 Dec 2019

A detailed list of changes from V3.1.3 to V3.1.4 Changes are indicated as follows. Copy…

Other pages in this section

A detailed list of changes from V3.1.3 to V3.1.4

Changes are indicated as follows. Copy which has been removed is ~~struck out~~ and copy which has been added is in blue.

Item	Section Reference	Description of Change							Reason for Change
Section Introduction
1	The Customer Experience Guidelines form part of the Open Banking Standard ~~Implementation Requirements (SIRs)~~ The Customer Experience Guidelines (and associated Checklist) form part of the Standard ~~Implementation Requirement~~s, and set out the customer experience required to deliver a successful Open Banking ecosystem, alongside technical, performance, non-functional requirements and dispute resolution practices. The CEG Checklist has been developed for ASPSPs and TPPs to assess compliance towith this aspect of the OBIE Standard ~~Implementation Requirement~~s. The CEG and CEG Checklist are consistent with: The Revised Payment Services Directive (PSD2) (Transposed in the UK by the Payment Services Regulations 2017 (PSRs)) The Regulatory Technical Standards on Strong Customer Authentication and Common and Secure Communication (RTS)) The UK CMA Retail Banking Market Investigation Order which applies to the nine largest UK retail banks only (known as the CMA9)). In developing its Standard ~~Implementation Requirement~~s, OBIE has undertaken extensive engagement with different market participants, and analysis to ensure that its standards have been designed in line with relevant regulatory and market requirements. On this basis, where an ASPSP seeking an exemption notifies the relevant National Competent Authority (NCA) (e.g. the FCA in the UK) that its dedicated interface follows the OBIE Standard ~~Implementation Requirement~~s, we expect this will provide a level of assurance that the ASPSP meets the requirement of RTS Article 30(5). Conversely, when an ASPSP has deviated from the Standard ~~Implementation Requirement~~s, we expect that the NCA may require additional information to enable it to consider more closely whether the ASPSP’s implementation is compliant with the relevant regulatory requirements. This may include the NCA requesting additional details on how and why there has been a deviation. For this purpose, we would expect an ASPSP to complete and submit the CEG Checklist, providing supporting evidence as appropriate, to OBIE. This can then be provided to the NCA in support of its application for an exemption.								Updated
2	Added new pages to Menu - Introduction Customer Journey Setup Consent - Codification of AIS Consent (PSD2) Consent Management Stop Sharing (sub-menu) Revocation Offboarding & Data Erasure Customer Communication Improving Comprehension								Added more guidance to Customer Journey for TPPs on Customer Journey & Customer Communication
3	Removed below pages from Menu - Introduction OBIE SIR Vulnerable Customers CX Principles								The content is rolled up on About page
4	Renamed below pages to Menu - Introduction ~~Design Principles~~ to Customer Experience Principles								The menu item is renamed.
5	Updated About page with Disclaimer The contents of the CEG and CEG Checklist do not constitute legal advice. While the CEG and CEG Checklist have been drafted with regard to relevant regulatory provisions and best practice, they are not a complete list of the regulatory or legal obligations that apply to Participants. Although intended to be consistent with regulations and laws in the event of any conflict with such regulations and laws, those regulations and laws will take priority. Participants are responsible for their own compliance with all regulations and laws that apply to them, including without limitation, PSRs, PSD2, GDPR, Treating Customers Fairly, consumer protection laws and anti-money laundering regulations								Updated About page with Disclaimer
6	Moved below sections from old Design & Experience Principles page to Customer Journey page Useful elements in the customer journey Unhelpful elements in the customer journey								Moved content to relevant page
Section Account Information Services (AIS)
1	Refreshing AISP access	Click for Related API specifications ~~Cosent~~ Consent Re-authentication/General)							Typos
7	90-Days Re-authentication	New Journey							New change to reflect 90 days re-auth journey
8	Permissions and Data Clusters for AIS journeys	Your Account Details	Balance	Balances	Your account balance	Amount, Currency, Credit/Debit, Type of Balance, Date/Time, ~~Credit Line~~			Clarification to align to Decision 201
Section Payment Initiation Services
9	Payment Refunds	New Journey							New change to reflect Payment Refunds Journey
Section Card Based Payment Instrument Issuers (CBPIIs)
10	Revocation of Consent	Change to process wireframe. ~~Confirm Account Access Revocation~~ Confirm Consent Revocation							Clarification
11	Card-specific Permissions and Data Clusters for AIS journey	Your Card Details	Balances	Balances	Your account balance	Amount, Currency, Credit/Debit, Type of Balance, Date/Time, ~~Credit Line~~			Clarification to align to Decision 201
Section Appendices
12	Standard Error Codes	Please refer to Specs Section : OBErrorResponseError1Code							To remove duplicate content
13	Refund Payment Fullfillment								Supporting examples for Payment Refunds
Section The Customer Experience Checklist
14	Explanation of the Customer Experience Guidelines Checklist	Customer-Experience-Guidelines-Checklist-v3.1.4-Final.xlsx The checklist is now called 3.1.4
15	8a	Consent	PISP	Do you gather consent in a clear, specific and straightforward manner as per the principles described in Section - Payment Refunds of the Customer Experience Guidelines?	Answer must be "Yes"	Required	n/a	Mandatory	PSRs Reg. 69(3)(g) •FCA Approach Document 17.68
16	17a	Authenticating to refresh access	AISP	Do you allow the PSU to confirm their request to refresh access across multiple ASPSPs account(s)? When refreshing access across multiple ASPSPs, do you enable the PSU to select and confirm the relevant accounts(s) for refreshing access?	Answer must be "Yes"	Required	n/a	n/a	*FCA Approach Document 20.47
17	17b	Authenticating to refresh access	AISP	Do you apply SCA when the PSU confirms their selection of account(s) across the relevant ASPSPs account(s)?	Answer must be "Yes"	Required	n/a	n/a	*FCA Approach Document 20.24 •EBA opinion paper – 13th June 2018 38-39
18	18a	Completion	AISP	Upon successful completion of SCA, do you confirm to the PSU that access has been refreshed?	Answer must be "Yes"	Required	n/a	n/a	n/a

Change Log Previous

v3.1.5 Next

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.